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application: 



Listing of claims: 

1 . (currently aniended) A tnethod for validating credentials comprising: 

inputting, at a first system that grants session credentials based on successlijl 
authenticaiion, a request from ti client to »cce$s a protected ricsoprcc on tbc first svsTc m, the 
nroteCTed resoiifcg ttlg fi'^t svsrem heAnf^ bv ihe client only after ^Qccei;<;fu{ 

auT)ieppp yion of the client at the fir^r <gy <^feTp: 

determining, ai the first system that a client does not have a valid session 
credential granted by the first system; 

retrieving, at the first system, information from a session token held by the client, 
the information being retrieved from the client, the information corresponding to a session 
credential for the second system, the second system ( 1 ) grants session credentials based on 
successful authentication at the second system, and (2) includes a protected resource on the 
second system that is accessible by the client : the protected resource on the «;ecoT^d sy ^^fern 
heinp acce^f:ib|e by client only after succe<;<itiil amhftnrir.ajinp r>f [ he client at the ■second 

the first system presenting at least some of the information from the session 
loicen to the second system; 

the first system inputting a deiennination from the second system that the client 
has a valid session credential with the second system; and 
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The tlrsr sysiem effecring ^uc.Ci^<i<if\i\ anThemicaTion to xh^ glieni <go iQ gr^nr 
granting access, to ttie protected resource on ihe first system, to the cliem based on The 
deienrunation from the second system liiai the diem has a valid session credential with the 
second system. 

2. (previously presented) A method according to claim 1, funber comprising 
granting a session credential to the client by the first system, after decerniining that the client 
has a valid session credential granted by the second system, 

3. (previously presented) A n;etbod according to claim I, further comprising 
sending a session token to the client, the token corresponding to a session credential granted by 
the first system. 

4. (previously presented) A method according to claim J , f unher comprising 
directing the client to the second system to establish a session credential based on successful 
authentication at the second system, after deiennimng that the client does not have a valid 
session credential granted by the second system, 

5. (previously presented) A method according to claim 1 , funher comprising 
directing the client to the first system to establish a session credential based on saccessft^l 
authentication at the first system, after determining that the client does not have ^ valid session 
credential granted by the second system. 

6. (previously presented) A method according to claim 1 . ft^nher comprising 
maintaining the client session credential granted by the second system. 

7. (Canceled) 

8. (original) A meihod acconiing to claim 1. wherein reuieving inlbrmation 

3 
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from The session token held by Uje client comprises: 

sencjing a query to the client from the first system, the query including 
identification as originating from a domain name corresponding to the second system; and 
receiving a response to the query. 

9. (currendy amended) A method for validating session credentials of a 
client comprising: 

inputting, at a first system thai grants session credentiai&i based on successful 
authentication, 4 request from a client to accesii a protected resource on the first wtsre m. rhe 
protecicd rcsnufce on the firsc system heinp accfts«;ihle f^y ill? client only after ^ncce^^sfii] 
4urhenricqTion of f ljppt at the firsr syj;reTT^: 

determining, ai the first system that a client does not have a valid session 
credential granted by the first system; 

retrieving, at the first system, information from a session token held by the client, 
the information being retrieved from the cliem» the information corresponding to a session 
credential for the second system that grants session cnjdentials based on successful 
authentication at the second system, and the second system including a protected resource that 
is accessible by the client, the retrieving information ftom the session token held by the client 
comprises receiving a session token from ihe client corresponding to the second sysiem^ja^ilis 
nrnrecred resource on the second svsrem hein^ aoce^Qible bv ^jjppt only after <;ucee<;sfQl 
fiuthenricaiion of rhe cHanr }; gcond system : 

presenting at least some of the mformation from the session token to the second 

system; 

4 
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deierxnimng whether The cliem has a valid session credeniial granted by ihe 
second sysiem, the deierxniniug whether the client has 4 valid session credential granted by the 
second system is ai least panially from pre^entitig int'ormation from the session token; 

the first system inputting a detetxnination from the second system that the client 
has a valid session credential with the second system; 

granting a -Session credential to the client on the first system, after determining 
that the client has a valid session credential granted by the second system; 

sending a session roken to the cUcm, the session token corresponding to the 
s>ession credential granted by the first system, the session token allowing the client access to 
protected resources on the first i^vstem. <;q as rp prpyj^P ^ucge^^sfal fluTh^^^pif^atipr^ tn the clienr : 
and 

maintaining the chent session ctvdential-. 

10. (currently amendi^d) Computer executable software code stored on a 
computer-readable medium and transmitted as m information signal, the code for validating 
credentials, the code comprising: 

code to input, at a first system chat grants session credentials based on successful 
authentication, a request fix>m a client to access a protected resource on the first syste m, the 
nroiecred resource on thg fiisiT <^vsTe^ |iejn^ accessible hv rhe client only after g;uccef^c;f^] 
aathei^^jgfflpn of the clienr at ihe fijSjn ^y^^^rr^- 

code to deiennine, at the first system, that a client does not have a valid session 

credential granted by the first system; 

code to rcuieve, at the first system, infonnaiion from a session token held by the 

5 
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cliem, che informarion conesponcUng to a sessiup credential for the second system itnit grants 
session credenqais based on successful amlieniicacion ai the second system, the second system 
including a protected resource thai is accessible by the client , and the protected resource on the 
second system being accessible by r|ig cMi^.i^j nplv after successful authenticatinn nf the client at 
the second system: 

code to present at least some of the information from the session token to the 
second system; and 

code to input, from the second system to the firsi system, a determination 
whether the client has a valid session credential granted by the second system; and 
j code to effect successfi^ ^^thgntiy^'^^^" ^^^^^ acceR*; tn thft pmrfi^rert 

resource on the first sysiem> to the client based on the determination from the second system 
that the client has a valid session credential with the second system. 

J 1 , (currently amended) A computer readable medium having computer 
executable code stored thereon, the code tor validating credentials, the code comprising: 
code to input, at a first system that grants session cuedentials based on successful authentication, 
a request from a client to access a protected resource on the first system, the protected re<;niirce 
on the first svsiem being accessible bv the client only after <;uccessful amhenricarion of rl^e 
client ai rhe fir^r system ; 

code to deternnne, at the first system that the client does not have a valid session 
credential granted by the first system; 

code to retrieve from the client, at the first system, information from a session 

token held by the client, the information corresponding to a possible session credential for the 

6 
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second sysiem ibai granis session credential:* based on successful authenncauon at tbe second 
system tmd thai has a proiecied resource ibm is accessibje by the client, rhe prorecred reiRonrce 
gfyi^e s^yqpcl ^jp^ accessible hy Th.> clienf op]y ^fp^ ^Hff9gs>^ftjl auiheniicarion of rhe 

code lo present at le^st soncie of the information from the session token to the 
second system; and 

code to input, from the second system to the first system, a determination 
whether the client has a valid session credential granted by the second system; and 

code to effecf <ti^cc essfu> fiathe ntk-anon ro rhe clienr j;o ^SLIQ g rant access to the 
protected resource on the first system, to the chent based on the determination from tbe second 
system that the client has a valid session credential with the second system.. 

12, (currently amended) A programmed computer for validating 
credentials, comprising: 

a memory having at least one region for storing computer executable program 

code; and 

a processor for executing the program code stored in the memory, wherein the 
program code comprises: 

code to input, at a first system that grants session credentials based on successful authentication, 
a request from a client to access a protected resource on the first svsre m. rhe prorecied Resource 
on the fifRT <sy<iTem hein fy ^^^bessib le bv the client onlv aft er gnccessful auThenpcarion of 

code to determine, at tbe first system that the client does not have a valid session 

7 
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crecjcntial granted by the firsi system; 

code to retrieve, at the first systeni, infonnation from a session tojcen held by ihe 
cliem, the information corresponding lo a sessioji credential for the second system that grants 
session credentials based on successful ttuthemicntion ar the second system, the second system 
including a proiected resource that is accessible by the clian r^ rhe protected resource on ^he 
second sv.stgm heinf> acc<^Q<sih]t. hy ciien^ only afrgr succe<;^fL,j g^Hth?ntim'"" the client at 
The ^ftcoT]4 ^y^l^Yn' 

code to present at least some of the information from the session token to the 
second system; and 

code to input, from the second system lo the first system, a determination 
whether the client has a valid session credcnuai granted by the second system and 

code to effect successfal ^Hthtf ntiPiftiQn fr^ to grant access to the protected 
resource on the first system, to the cliem based on the determination from the second system 
that the client has a valid session credential with the second system. 

13. (currently amended) A method for establishing session credentials 

comprising: 

inpuning, at a first system that grants session credentials based on successfal 
authentication, a request from a client to access a proiected resource on the first system , ihe 
protected resource on the first system being acces^;ible bv the client only after qnccefi<;fi]l 

determining at the first system ihaf the client does not have a valid session 
credential granted by a first system; 

8 
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deiermirung ibai ihe clieqi does noi have a valid session ciedeniial gmied by a 
second systenj tased on successful authentication at the second system; 

sending, from the first system to the client, a log in page; 

receiving, at the tixsi system from the client, log in infonnaiion; 

sending, from the first system to the s^jcond system, the log in information; and 

receiving, at the first system from the second system, information corresponding 
to 4 session credential granted by the second system, the session credential granted by the 
second system bcised at least in part on the log in information and successful authentication at 
the second system, the second system being one that (1) grants session credentials based on 
successful authentication at the second system, and (2) includes a protected resource on the 
second system that is accessible by the clien t, tht^ pmrec^ed resource on rhe secon^ gystgffi 
being accessible bv rhe client only after succe;tsful authenticariQn of the clienr at rhe second 
syaga; and 

the first system effecrinf; successful ai^r|^e niic^riQn so a s lo grantgftttwtfh? access, 
to a protected resource on the first system, to the client based on the determination from the 
second system thul the client has a valid session credential with the second system. 

14- (previously presented) A method according to claim 13, funher 
comprising granting a session credential for the Ijrst system, 

15, (previously presented) A method according to claim 1 3, funher 
comprising granting a session credential for the s^econd system. 

16. (previously presented) A method according to claim 13, fl4nher 

comprising associating session credentials for the first system and the second system with the 

9 
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Client. 

17. (currently mnended) A nietliod for esiablishing sessioo credenuais for a 
cUenr, ihe method comprising: 

inputting, at a first system ibac gmnrs session credentials based on successful 
auiheniicaiion. a request from a client to access a protected re:>ource on the first syste m, the 
proracTi^d T€t<iaiirc& on The f^m ^y^rfim heinp; accc^^^ihle hv The clienr only after successful 

determining ihai cbe client does not have a valid session credential granted by the 

first system; 

Inpuning infonnaiion at the tlrst system, from the second system* that the client 
does not have a valid session credential granted by the second system, die second system 
including a protected resource, the protecred resoiirce on x\\e second sygrem ^jn^ accessible by 
the client onlv after successful authemicaiionj^f the client at the second svsiem: 

sending, from the second system to the client, a log in page; 

receiving, at the second system from the client, log in information; and 

sending, from the second system to the tirsi system, information corresponding 
to a session credential granted by the second system, the session credential granted by the 
second system based at least in part on the log in information and successful authentication at 
the second system; and 

granting a session credential to the client fox the first svsTe m <iCi ro provide 
successful authentication - such that the client is granted access to a protected resource on the 
tlrst system. 

10 
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\ 8, (original) A mertiod ^corcting lo claim 17, funher comprising granting a 
session credential for the second sysiem* 

19- (original) A meihod according lo claim 17, further comprising associating 
session credentials for the first sysiem and the second sysiem wiih the client. 

20. (currenrly amended) A method for validating credentials comprising: 

inputting, at a first system thai grams session credentials based on successfiil 
authentication, a request from a client to access a protected resource on the first !i;ysiem 

determining, at the first sysiem that a client does not have a valid session 
credential granted by the fxrsi system; 

redirecting the client to the second system that grants session credentials based 
on successful authentication at the second system, the second sysiem having a protected 
resource that is accessible by the cUent; 

sending, &om the second sysiem to the first sysiem, session credentials granted 
by the second system; 

jsending, from the first system to tlie second system, the session credentials 
granted by the second system; 

deternuning, at the second system, that the session credentials granted by the 
second system, and received from the first system, are valid; and 

sending, from the second system to the first syjitem. information indicating that 
the session credentials granted by the second sysiem are vali d: and 

inDMtlintf, at the second system that grants; <sfifif;[ on credenriak ha^ed 

successful ^urhc*ntic^.^fif^y|. a requeftr fmn^ ^ji^ni P acce<;q a prnreGi ed resource on rhe seconri; 

II 
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sy<;rem 

determining- at the second^y-^l^p ^har a diftllT rtOftS nOT have a valid session 

credential ^ a q^ec| h y rhe tsecond fiy^iT^m: 

^ redirecnnp rhe clienr ro rhe firsT sv^rem that grants ses5;ion credentiiils based on 

^ncce^i^fiil a uthertticarlon qr the tli^y Rv^ri^m; 

sendipf, from The firsT sysrf.m ro rjic si^CQnc) sysefli, §gsg.iQn ffgfl^miats firfflf^d 

hv rhefirqt gv^Tem: 

granted hv rhe tlrsT SY<stem; 

deierminin^, at the first j^vstem. that the se>;sion eredentml^ prantc^d hv the firsr 
svstem. and received from the second sysiem^ Af& valid; ^i]d 

'^^'^4W -frQ"ri ihe first gvsiem to t he second system, information indicating that 
the session credentials prante4 bv the first sysTftm arc> va^i^, 
21- (Canceled) 

22. (Canceled) 

23. (New) A method for validating credentials comprising: 

inputting, at a first system that grants session credentials based on successful 
ambeniicaiion, a request from a client to access a protected resource on the first system, the 
protected resource being accessible upon succesiimi auihenucation of the client a; ;be first 
system; 

determining, at the first system that the client does not have a valid session 

credential granted by the first system, so as to allow the client access to the protected resource 

12 
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on the firsi sysiem; 

ihe firsc system comniunicaung with a second isysiem, the second sysrexn having 
a funher proiecied resource on the second sysiem, ibe funher protected resource being 
accessible upon successful awhenucarion of ilie client at the second sysiem; 

the first system presenting information to fbe second system; 

the first sysiem inpuiiing a determination from the second sysiem that the client 
has a valid session credential with the second system; and 

Che tirsc sysiem effecting successful authentication so as to gram access, lo the 
protected resource on the first system, to ihe client, based on the determination from the second 
System that the client has a valid session credential with the second system. 

24. (New) The method of claim 23, funher including the first sysiem inpuiiing 
information from the second sysiem, and in response, the first system outpuiting, lo the second 
system, a determination that the firsi system has a valid session credential for the client at the 
first sysiem, and 

the second system effecting successful authentication so as lo grant access, to the funher 
protected resource on ibe second system, to the cUem based on the detemoination from the first 
system thai ihe clieni has a valid session credential with the first system. 

25. (New) The method of claim 24, wherein ibe protected resource in the first 
system includes content provided on a pay-per-«se basis, and wherein the protected resource in 
the second system includes content provided on a pay-pcr-use b4sis, 

26. (New) TTie method of claim 24, wherein the protected resource in the first 

system includes content provided on a subscription basis, and wherein the protected resource in 

13 
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the second system includes content provided on a subscription basis. 



14 
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